Field of the Invention
The present invention relates to data at rest management and more particularly to data at rest privacy management
Description of the Related Art
Data at Rest is an industrial term that refers to state of data when the data is physically persisted in some sort of static memory but inactive in its use. Data at Rest is one of three states academically described for data, the other two states being “Data in Use” and “Data in Motion”. Data in Use refers to data actively and therefore contemporaneously processed in a computer by one or more processors of a computer while resident in dynamic memory. Data in Motion, in turn, refers to data that traverses a computer communications network, or data that resides only temporarily in memory during the course of a read or updating process.
Data security and data privacy is of paramount concern when considering Data at Rest. Data encryption is one way in which data security and data privacy is achieved in respect to Data at Rest. In the context of a single device or a single collection of devices, encryption can be applied at all times in order to further the goal of data privacy. However, encryption is not always a viable methodology for all circumstances of Data at Rest.
In this regard, the convergence of mobile and cloud technologies has introduced a new set of privacy concerns in regard to Data at Rest. More particularly, different national governments provide different regulations in furtherance of different data privacy policies and the corresponding utilization of data. These policies can be specific in relationship to cross-border data transmission and persistence of data—that is, data transmitted from one another jurisdiction to another national jurisdiction. As such, encryption notwithstanding, the placement of data outside of the device in the cloud can be permitted by one set of national regulations, but not by another.
Therefore, without knowing a priori within which national boundaries a device is to be utilized, it is not possible to specifically configure a device to manage Data at Rest therein so as to definitively satisfy the regulatory requirements of that corresponding jurisdiction in respect to data privacy.